Embedded electronic device and boot method thereof

ABSTRACT

An embedded electronic device and a boot method are provided. A processor of the embedded electronic device is configured to execute following steps based on a first boot procedure: verifying whether a second memory device safely corresponds to a first memory controller; in response to that the second memory device safely corresponds to the first memory controller, deciphering and verifying stored data of the second memory device through the first memory controller; and in response to that the second memory device does not safely correspond to the first memory controller, verifying whether the second memory device safely corresponds to a second memory controller.

CROSS-REFERENCE TO RELATED APPLICATION

This non-provisional application claims priority under 35 U.S.C. §119(a) to Patent Application No. 202210632401.3 filed in China, P.R.C.on Jun. 6, 2022, the entire contents of which are hereby incorporated byreference.

BACKGROUND Technical Field

The instant disclosure relates to embedded electronic device technology,especially an embedded electronic device and a boot method related toboot procedure verification loading.

Related Art

A boot-loader, also known as the firmware of an embedded electronicdevice, is a program of the embedded electronic device before theoperating system kernel runs. The boot-loader executes a boot procedureof the embedded electronic device. Through activating the boot-loader,the embedded electronic device can initialize a hardware device andestablish memory space mapping so as to set a hardware environment ofthe embedded electronic device as a suitable state, hence an appropriatesoftware environment is ready for the operating system kernel. Becausethe embedded electronic device is often customized to meet variousrequirements, the boot-loader is often divided into a plurality ofstages. A boot-loader portion of the embedded electronic device isusually stored in an external flash memory. In safe boot mode, theembedded electronic device needs to verify the safety of the externalmemory and the code correctness and validity by executing a first stageboot loader, and after the verification is passed, the embeddedelectronic device can execute the whole boot-loader. For existingtechnologies known to the inventor, various types of external flashmemories (NAND flash, NOR flash, eMMC, etc.) need to configure differentwork modes through a general-purpose input/output (GPIO) interface andthen adopt an access method corresponding to the external flash memoryto obtain the contents stored in the external memory. However, thisprocess occupies more interface pins of the GPIO.

SUMMARY

In view of this, some exemplary embodiments of the instant disclosureprovide an embedded electronic device and a boot procedure to improveexisting technologies known to the inventor.

An exemplary embodiment of the instant disclosure provides an embeddedelectronic device. The embedded electronic device comprises a processor,a first memory device, a plurality of memory controllers, and a secondmemory device. The first memory device is configured to store a firstboot procedure. The memory controllers comprise a first memorycontroller and a second memory controller. The second memory device isconnected to the memory controllers. The processor is configured toexecute following steps based on the first boot procedure: verifyingwhether the second memory device safely corresponds to the first memorycontroller; in response to that the second memory device safelycorresponds to the first memory controller, deciphering and verifyingstored data of the second memory device through the first memorycontroller; and in response to that the second memory device does notsafely correspond to the first memory controller, verifying whether thesecond memory device safely corresponds to the second memory controller.

An exemplary embodiment of the instant disclosure provides an embeddedelectronic device. The embedded electronic device comprises a processor,a first memory device, a plurality of memory controllers, a register,and a second memory device. The first memory device is configured tostore a first boot procedure. The memory controllers comprise a firstmemory controller and a second memory controller. The second memorydevice is connected to the memory controllers. The first memorycontroller is configured to run a test on the second memory device andwrite a data into a register based on a result of the test after theembedded electronic device is booted up. The processor is configured toexecute following steps based on the first boot procedure: in responseto that the data is a first value, verifying whether the second memorydevice safely corresponds to the first memory controller; in response tothat the second memory device safely corresponds to the first memorycontroller, deciphering and verifying stored data of the second memorydevice through the first memory controller; and in response to that thedata is a second value or that the second memory device does not safelycorrespond to the first memory controller, verifying whether the secondmemory device safely corresponds to the second memory controller.

An exemplary embodiment of the instant disclosure provides a boot methodadapted for the aforementioned embedded electronic devices. The bootmethod comprises executing following steps by a processor based on afirst boot procedure: verifying whether a second memory device safelycorresponds to a first memory controller; in response to that the secondmemory device safely corresponds to the first memory controller,deciphering and verifying stored data of the second memory devicethrough the first memory controller; and in response to that the secondmemory device does not safely correspond to the first memory controller,verifying whether the second memory device safely corresponds to asecond memory controller.

An exemplary embodiment of the instant disclosure provides a boot methodadapted for the aforementioned embedded electronic devices. The bootmethod comprises: after the embedded electronic device is booted up,running a test on a second memory device and writing a data into aregister based on a result of the test by a first memory controller; andexecuting following steps by a processor based on a first bootprocedure: in response to that the data is a first value, verifyingwhether the second memory device safely corresponds to the first memorycontroller; in response to that the second memory device safelycorresponds to the first memory controller, deciphering and verifyingstored data of the second memory device through the first memorycontroller; and in response to that the data is a second value or thatthe second memory device does not safely correspond to the first memorycontroller, verifying whether the second memory device safelycorresponds to a second memory controller.

As above, some exemplary embodiments of the instant disclosure providean embedded electronic device and a boot method, wherein throughmemory-mapped I/O (MMIO) architecture, the data of the bus address beingmapped by the external memory device can be read. As a result, thecorrectness and safety of the external memory device can be verifiedwithout occupying more GPIO pins, and thus a safe second boot procedurecan be read.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will become more fully understood from the detaileddescription given herein below for illustration only, and thus notlimitative of the disclosure, wherein:

FIG. 1 illustrates a schematic block diagram of an embedded electronicdevice according to an exemplary embodiment of the instant disclosure;

FIG. 2 illustrates a schematic block diagram of an embedded electronicdevice according to an exemplary embodiment of the instant disclosure;

FIG. 3-1 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 3-2 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 4 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 5 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 6-1 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 6-2 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 7 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure;

FIG. 8 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure; and

FIG. 9 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure.

DETAILED DESCRIPTION

The foregoing illustration and other technical contents, features, andfunctions of the instant disclosure will be clearly presented throughthe following detailed description with the provided figures. The widthsand sizes of the elements in the figures may be exaggerated orabbreviated and are meant to help persons skilled in the art understandand read the instant disclosure, and the sizes of the elements in thefigures may not be their actual sizes but do not limit the embodiedlimitations of the instant disclosure and thus do not possesstechnically practical context. Any structural modification or changes inratios or sizes shall fall into the scope of the technical context ofthe instant disclosure as long as they do not affect the functions andgoals of the instant disclosure. The same symbols among all figures areused to denote identical or similar elements.

FIG. 1 illustrates a schematic block diagram of an embedded electronicdevice 100 according to an exemplary embodiment of the instantdisclosure. Please refer to FIG. 1 . The embedded electronic device 100comprises a processor 101, a bus 102, a plurality of memory controllers103-1 through 103-N, a first memory device 104, and a second memorydevice 105, where N is a positive integer. The first memory device 104is configured to store a first boot procedure of the embedded electronicdevice 100. The memory controllers 103-1 through 103-N are connected tothe second memory device 105. The bus 102 is configured to connect theprocessor 101 to the memory controllers 103-1 through 103-N and thefirst memory device 104. The processor 101 can individually turn on orturn off the memory controllers 103-1 through 103-N.

In some exemplary embodiments of the instant disclosure, the firstmemory device 104 is a read-only memory (ROM). The first boot procedureis a first stage system activation loader. After the embedded electronicdevice 100 is powered on, the processor 101 reads and executes the firstboot procedure stored in the first memory device 104 so as to initializethe embedded electronic device 100. The second memory device 105 is aflash memory configured to store a second boot procedure enciphered bythe embedded electronic device 100. The second memory device 105 may be,but not limited to, an NOR flash, an NAND flash, or an embeddedmultimedia card.

The following will illustrate in detail the boot method and thecooperation between the hardware components of the embedded electronicdevice 100 according to an exemplary embodiment of the instantdisclosure with the aid of provided figures.

FIG. 3-1 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure. For illustrativepurposes, the memory controller 103-1 is referred to as a first memorycontroller, the memory controller 103-2 is referred to as a secondmemory controller, the memory controller 103-3 is referred to as a thirdmemory controller, and so on hereinafter. Please refer to FIG. 1 andFIG. 3-1 . In this exemplary embodiment, in the step S301, the processor101 verifies whether the second memory device 105 safely corresponds tothe first memory controller (i.e., the memory controller 103-1), thatis, in this embodiment, the processor 101 verifies whether the firstmemory controller can control the second memory device 105, and theprocessor 101 also verifies whether the second memory device 105 meetsthe requirement for safe booting. In the step S302, the processor 101determines whether the second memory device 105 safely corresponds tothe first memory controller, and, if the determination comes outpositive, the step S303 is executed, or else the step S304 is executed.

In the step S303, because the processor 101 has determined that thesecond memory device 105 safely corresponds to the first memorycontroller, the processor 101 deciphers and verifies stored data of thesecond memory device 105 through the first memory controller. In thestep S304, because the processor 101 has determined that the secondmemory device 105 does not safely correspond to the first memorycontroller, the processor 101 further verifies whether the second memorydevice 105 safely corresponds to the second memory controller.

FIG. 3-2 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure. In this exemplaryembodiment, the value of the aforementioned positive integer N is 3,that is, in this embodiment, the embedded electronic device 100comprises memory controllers 103-1 through 103-3. Compared with theschematic flowchart of the boot method shown in FIG. 3-1 , the schematicflowchart of the boot method shown in FIG. 3-2 further comprises thesteps S305, S306, and S307. Please refer to FIG. 1 and FIG. 3-2 . Afterthe processor 101 executes the step S304, the processor 101 executes thestep S305. In the step S305, the processor 101 determines whether thesecond memory device 105 safely corresponds to the second memorycontroller (i.e., the memory controller 103-2), and, if thedetermination comes out positive, the step S306 is executed, or else thestep S307 is executed. In the step S306, because the processor 101 hasdetermined that the second memory device 105 safely corresponds to thesecond memory controller, the processor 101 deciphers and verifies thestored data of the second memory device 105 through the second memorycontroller. In the step S307, because the processor 101 has determinedthat the second memory device 105 does not safely correspond to thesecond memory controller, the processor 101 directly deciphers andverifies the stored data of the second memory device 105 through thethird memory controller.

In some exemplary embodiments of the instant disclosure, if thedetermination of the step S305 comes out negative, the processor 101does not execute the step S307. Instead, the processor 101 furtherdetermines whether the second memory device 105 safely corresponds tothe third memory controller, and, if the determination comes outpositive, the processor 101 directly deciphers and verifies the storeddata of the second memory device 105 through the third memorycontroller, or else the processor 101 sends out an error message.

FIG. 4 and FIG. 5 illustrate schematic flowcharts of a boot methodaccording to an exemplary embodiment of the instant disclosure. In theexemplary embodiment shown in FIG. 4 and FIG. 5 , the memory devices(including the second memory device 105) external to the embeddedelectronic device 100 are mapped to different bus addresses. As such,when the processor 101 attempts to conduct communication with theexternal memory devices, data are transmitted through address wires tothese bus addresses. The external memory devices monitor the addresswires, and the external memory device receives data transmitted throughthe corresponding address wires when the processor 101 transmits datatoward corresponding bus addresses. The processor 101 can also read datarelated to the external memory devices through corresponding busaddresses. This design is called memory-mapped I/O (MMIO).

In this exemplary embodiment, the memory device corresponding to thefirst memory controller (i.e., the memory controller 103-1) is a 32MNAND flash memory, and the memory device corresponding to the secondmemory controller (i.e., the memory controller 103-2) is a 32M SPI NORflash memory. The two external memories may be mapped according to thevalues shown in Table 1 below.

TABLE 1 Item NAND flash memory SPI NOR flash memory Memory 0-0x1FFFFFF0-0x1FFFFFF device address Bus address 0xA0000000-0xA1FFFFFFF0xB0000000-0xB1FFFFFFF

Please refer to FIG. 4 . The step S301 further comprises the stepsS401-S404 shown in FIG. 4 . In the step S401, the processor 101 reads afirst verification data in a storage space of a first bus address0xA0000000-0x1FFFFFF corresponding to the first memory controller. Inthis exemplary embodiment, the first verification data is a 32-bit dataand is located in the 32-bit memory after the initial address of0xA0000000. It should be illustrated that the first verification datacan be set as data of any size according to different requirements andcan be stored in any location of the storage space of the first busaddress 0xA0000000-0xA1FFFFFFF. The instant disclosure is not limitedthereto.

In the step S402, the processor 101 determines whether the firstverification data is a preset data. In this exemplary embodiment, thepreset data is 0xAA123456. If the processor 101 determines that thefirst verification data is the preset data, the step S403 is executed,or else the step S404 is executed. In the step S403, the processor 101confirms that the second memory device 105 safely corresponds to thefirst memory controller by determining that the first verification datais the preset data. In the step S404, the processor 101 confirms thatthe second memory device 105 does not safely correspond to the firstmemory controller.

Please refer to FIG. 5 . The step S304 further comprises the stepsS501-S504 shown in FIG. 5 . In the step S501, the processor 101 reads asecond verification data in a storage space of a second bus address0xB0000000-0xB1FFFFFFF corresponding to the second memory controller. Inthis exemplary embodiment, the second verification data is a 32-bit dataand is located in the 32-bit memory after the initial address of0xA0000000. It should be illustrated that the second verification datacan be set as data of any size according to different requirements andcan be stored in any location of the storage space of the second busaddress 0xB0000000-0xB1FFFFFFF. The instant disclosure is not limitedthereto.

In the step S502, the processor 101 determines whether the secondverification data is the preset data. As previously illustrated, in thisexemplary embodiment, the preset data is 0xAA123456. If the processor101 determines that the second verification data is the preset data, thestep S503 is executed, or else the step S504 is executed. In the stepS503, the processor 101 confirms that the second memory device 105safely corresponds to the second memory controller. In the step S504,the processor 101 confirms that the second memory device 105 does notsafely correspond to the second memory controller.

Please refer to FIG. 3-2 . As previously illustrated, in some exemplaryembodiments of the instant disclosure, when the determination of thestep S305 comes out negative, the processor 101 does not execute thestep S307. Instead, the processor 101 further determines whether thesecond memory device 105 safely corresponds to the third memorycontroller, and, if this determination comes out positive, the processor101 directly deciphers and verifies the stored data of the second memorydevice 105 through the third memory controller, or else the processor101 sends out an error message. In some exemplary embodiments of theinstant disclosure, the aforementioned step of further determiningwhether the second memory device 105 safely corresponds to the thirdmemory controller by the processor 101 further comprises: reading athird verification data in a storage space of a third bus addresscorresponding to the third memory controller by the processor 101;determining whether the third verification data is the preset data bythe processor 101; in response to that the third verification data isthe preset data, confirming that the second memory device 105 safelycorresponds to the third memory controller by the processor 101; inresponse to that the third verification data is not the preset data,confirming that the second memory device 105 does not safely correspondto the third memory controller by the processor 101.

In some exemplary embodiments of the instant disclosure, the firstverification data comprises a first matching data, and the secondverification data comprises a second matching data. Through the firstmatching data and the second matching data, the processor 101 candetermine whether the first memory controller and the second memorycontroller can control the second memory device 105, respectively. Inthis exemplary embodiment, the processor 101 uses the last eight bits ofthe first verification data as the first matching data. When the firstmatching data is identical to the last eight bits of the preset data(i.e., the last eight bits of 0xAA123456 and thus 56 in this exemplaryembodiment), the processor 101 can learn that the second memory device105 is matched to the first memory controller, that is, in thisembodiment, the first memory controller can control the second memorydevice 105. Then, the processor 101 confirms whether the first memorycontroller meets the safety requirement by comparing the firsttwenty-four bits of the first verification data with the firsttwenty-four bits of the preset data (i.e., the first twenty-four bits of0xAA123456 and thus AA1234 in this exemplary embodiment). Similarly, theprocessor 101 uses the last eight bits of the second verification dataas the second matching data. When the second matching data is identicalto the last eight bits of the preset data (i.e., the last eight bits of0xAA123456 and thus 56 in this exemplary embodiment), the processor 101can learn that the second memory device 105 is matched to the secondmemory controller, that is, in this embodiment, the second memorycontroller can control the second memory device 105. Then, the processor101 confirms whether the second memory controller meets the safetyrequirement by comparing the first twenty-four bits of the secondverification data with the first twenty-four bits of the preset data(i.e., the first twenty-four bits of 0xAA123456 and thus AA1234 in thisexemplary embodiment).

It should be illustrated that, in the aforementioned exemplaryembodiment, the last eight bits of the first verification data is usedas the first matching data, and the last eight bits of the secondverification data is used as the second matching data. However, otherbits of the first verification data and other bits of the secondverification data may also be used as the first matching data and thesecond matching data, respectively, according to different requirements,and the instant disclosure is not limited thereto.

In some exemplary embodiments of the instant disclosure, theaforementioned stored data includes a second boot procedure which isenciphered. After the processor 101 executes the first boot procedure,the processor 101 continues to execute the second boot procedure so asto continue the initialization of the embedded electronic device 100.

FIG. 2 illustrates a schematic block diagram of an embedded electronicdevice 200 according to an exemplary embodiment of the instantdisclosure. Please refer to FIG. 2 . Compared with the embeddedelectronic device 100 shown in FIG. 1 , the embedded electronic device200 shown in FIG. 2 further comprises a register 106.

The following will illustrate in detail the boot method and thecooperation between the hardware components of the embedded electronicdevice 200 according to an exemplary embodiment of the instantdisclosure with the aid of provided figures.

FIG. 6-1 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure. For illustrativepurposes, the memory controller 103-1 is referred to as a first memorycontroller, the memory controller 103-2 is referred to as a secondmemory controller, the memory controller 103-3 is referred to as a thirdmemory controller, and so on hereinafter. Please refer to FIG. 2 andFIG. 6-1 . In this exemplary embodiment, in the step S601, in order toverify the second memory device 105 quickly, after the embeddedelectronic device 200 is powered on, the first memory controller (i.e.,the memory controller 103-1) runs a test on the second memory device 105and then writes a data into the register 106 according to the result ofthe test.

After the step S601, the processor 101 executes the steps S602-S606according to the first boot procedure. In the step S602, the processor101 reads the aforementioned data written into the register 106 andcompares the aforementioned data with a first value. If theaforementioned data is identical to the first value, the first memorycontroller can control the second memory device 105, and then the stepS603 is executed. If the aforementioned data is not identical to thefirst value, the first memory controller cannot control the secondmemory device 105, and then the step S606 is executed.

In the step S603, the processor 101 verifies whether the second memorydevice 105 safely corresponds to the first memory controller (i.e., thememory controller 103-1). Because the processor 101 has verified thatthe first memory controller can control the second memory device 105 inthe step S602, the processor 101 just further verifies whether thesecond memory device 105 meets the requirement for safe booting in thestep S603. In the step S604, the processor 101 determines whether thesecond memory device 105 safely corresponds to the first memorycontroller, and, if the determination comes out positive, the step S605is executed, or else the step S606 is executed. In the step S605, theprocessor 101 deciphers and verifies stored data of the second memorydevice 105 through the first memory controller. In the step S606,because the processor 101 has determined that the second memory device105 does not safely correspond to the first memory controller, theprocessor 101 verifies whether the second memory device 105 safelycorresponds to the second memory controller.

FIG. 6-2 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure. In this exemplaryembodiment, the value of the aforementioned positive integer N is 3,that is, in this embodiment, the embedded electronic device 200comprises memory controllers 103-1 through 103-3. Compared with theschematic flowchart of the boot method shown in FIG. 6-1 , the schematicflowchart of the boot method shown in FIG. 6-2 further comprises thesteps S607, S608, and S609. Because the steps S607, S608, and S609 shownin FIG. 6-2 are respectively identical to the steps S305, S306, and S307shown in FIG. 3-2 , the illustration for the steps S607, S608, and S609will not be repeatedly illustrated here. It should be furtherillustrated that, in some exemplary embodiments of the instantdisclosure, when the determination of the step S607 comes out negative,the processor 101 does not execute the step S609. Instead, the processor101 further determines whether the second memory device 105 safelycorresponds to the third memory controller, and, if the determinationcomes out positive, the processor 101 directly deciphers and verifiesthe stored data of the second memory device 105 through the third memorycontroller, or else the processor 101 sends out an error message.

FIG. 7 illustrates a schematic flowchart of a boot method according toan exemplary embodiment of the instant disclosure. Please refer to FIG.7 . In the exemplary embodiment shown in FIG. 7 , the step S601comprises steps the S701-S706. In the step S701, the first memorycontroller (i.e., the memory controller 103-1) transmits a test commandto the second memory device 105. If the first memory controller cancontrol the second memory device 105, the second memory device 105 willgenerate a reaction at the aforementioned test command and return areturn value (such as, but not limited to, a value currently stored in astate register of the second memory device 105). In the step S702, ifthe second memory device 105 has returned a return value, the step S703is then executed, or else the step S704 is then executed. In the stepS703, the first memory controller prereads a default size data (a datawith a default size) at the second memory device 105. The default sizemay be, but not limited to, the size of a read unit of the first memorycontroller or the size of the aforementioned first verification data. Inthe step S705, the first memory controller determines whether theprereading was successful, and, if the determination comes out positive,the step S706 is executed, or else the step S704 is executed.

In the step S706, the first memory controller writes the aforementionedfirst value into the register 106. In the step S704, the first memorycontroller writes the aforementioned second value into the register 106.The first value and the second value just have to be able to recordwhether the second memory device 105 generated a reaction to the testcommand and whether the first memory controller successfully preread thedefault size data, respectively, and the form of the first value and thesecond value is not limited in this invention.

FIG. 8 and FIG. 9 illustrate schematic flowcharts of a boot methodaccording to an exemplary embodiment of the instant disclosure. In theexemplary embodiment shown in FIG. 8 and FIG. 9 , the memory devices(including the second memory device 105) external to the embeddedelectronic device 100 are designed according to the aforementioned MMIOmethod (i.e., in this embodiment, the memory devices (including thesecond memory device 105) external to the embedded electronic device 100are mapped to different bus addresses). Because the steps S801-S804shown in FIG. 8 are identical to the steps S401-S404 shown in FIG. 4 ,respectively, and the steps S901-S904 shown in FIG. 9 are identical tothe steps S501-S504 shown in FIG. 5 , respectively, the illustration forFIG. 8 and FIG. 9 can be referred to the illustration for FIG. 4 andFIG. 5 and will not be repeatedly illustrated here. It should beillustrated that, because the second memory device 105 has generated anreaction to the test command transmitted by the first memory controllerand the first memory controller has successfully preread the defaultsize data in the step S706, in the step S802 shown in FIG. 8 , theprocessor 101 does not have to repeatedly test whether the first memorycontroller can control the second memory device 105, and thus the firstverification data may not have to include the first matching data.

In some exemplary embodiments of the instant disclosure, theaforementioned stored data includes the enciphered second boot procedureof the embedded electronic device 200. After the processor 101 executesthe first boot procedure, the processor 101 continues to execute thesecond boot procedure so as to continue the initialization of theembedded electronic device 200.

As above, some exemplary embodiments of the instant disclosure providean embedded electronic device and a boot method, wherein throughmemory-mapped I/O (MMIO) architecture, the data of the bus address beingmapped by the external memory device can be read. As a result, thecorrectness and safety of the external memory device can be verifiedwithout occupying more GPIO pins, and thus a safe second boot procedurecan be read.

Although the technical context of the instant disclosure has beendisclosed using the exemplary embodiments above, the exemplaryembodiments are not meant to limit the instant disclosure. Anyalteration and retouch made by persons skilled in the art withoutdeviating from the spirit of the instant disclosure shall fall into thescope of the instant disclosure. The scope of protected invention shallbe defined by the claims below.

What is claimed is:
 1. An embedded electronic device comprising: aprocessor; a first memory device configured to store a first bootprocedure; a plurality of memory controllers comprising a first memorycontroller and a second memory controller; and a second memory deviceconnected to the memory controllers; wherein the processor is configuredto execute following steps based on the first boot procedure: (a)verifying whether the second memory device safely corresponds to thefirst memory controller; (b) in response to that the second memorydevice safely corresponds to the first memory controller, decipheringand verifying stored data of the second memory device through the firstmemory controller; and (c) in response to that the second memory devicedoes not safely correspond to the first memory controller, verifyingwhether the second memory device safely corresponds to the second memorycontroller.
 2. The embedded electronic device according to claim 1,wherein the step (a) comprises: reading a first verification data in astorage space of a first bus address corresponding to the first memorycontroller; in response to that the first verification data is a presetdata, confirming that the second memory device safely corresponds to thefirst memory controller; and in response to that the first verificationdata is not the preset data, confirming that the second memory devicedoes not safely correspond to the first memory controller.
 3. Theembedded electronic device according to claim 2, wherein the step (c)comprises: reading a second verification data in a storage space of asecond bus address corresponding to the second memory controller andcomparing the second verification data with the preset data; in responseto that the second verification data is the preset data, confirming thatthe second memory device safely corresponds to the second memorycontroller; and in response to that the second verification data is notthe preset data, confirming that the second memory device does notsafely correspond to the second memory controller.
 4. The embeddedelectronic device according to claim 3, wherein the first verificationdata comprises a first matching data, the second verification datacomprises a second matching data, the first matching data is used tomatch the first memory controller with the second memory device, and thesecond matching data is used to match the second memory controller withthe second memory device.
 5. The embedded electronic device according toclaim 1, wherein the stored data comprises a second boot procedure, andthe processor is configured to execute the second boot procedure afterthe processor executes the first boot procedure.
 6. The embeddedelectronic device according to claim 1, wherein the first memory deviceis a read-only memory (ROM) device, and the second memory device is aflash memory device.
 7. An embedded electronic device comprising: aprocessor; a first memory device configured to store a first bootprocedure; a plurality of memory controllers comprising a first memorycontroller and a second memory controller; and a second memory deviceconnected to the memory controllers; wherein the first memory controlleris configured to run a test on the second memory device and write a datainto a register based on a result of the test after the embeddedelectronic device is booted up; the processor is configured to executefollowing steps based on the first boot procedure: (a) in response tothat the data is a first value, verifying whether the second memorydevice safely corresponds to the first memory controller; and inresponse to that the second memory device safely corresponds to thefirst memory controller, deciphering and verifying stored data of thesecond memory device through the first memory controller; and (b) inresponse to that the data is a second value or that the second memorydevice does not safely correspond to the first memory controller,verifying whether the second memory device safely corresponds to thesecond memory controller.
 8. The embedded electronic device according toclaim 7, wherein the step of running the test on the second memorydevice and writing the data into the register based on the result of thetest by the first memory controller comprises: transmitting a testcommand to the second memory device; in response to that the secondmemory device returns a return value, pre-reading a default size datafrom the second memory device by the first memory controller; inresponse to that the first memory controller successfully reads thedefault size data, writing the first data into the register by the firstmemory controller; and in response to that the second memory device doesnot return the return value, writing the second data into the registerby the first memory controller.
 9. The embedded electronic deviceaccording to claim 8, wherein the step (a) comprises: reading a firstverification data in a storage space of a first bus addresscorresponding to the first memory controller; in response to that thefirst verification data is a preset data, confirming that the secondmemory device safely corresponds to the first memory controller; and inresponse to that the first verification data is not the preset data,confirming that the second memory device does not safely correspond tothe first memory controller.
 10. The embedded electronic deviceaccording to claim 9, wherein the step (b) comprises: reading a secondverification data in a storage space of a second bus addresscorresponding to the second memory controller and comparing the secondverification data with the preset data; in response to that the secondverification data is the preset data, confirming that the second memorydevice safely corresponds to the second memory controller; and inresponse to that the second verification data is not the preset data,confirming that the second memory device does not safely correspond tothe second memory controller.
 11. The embedded electronic deviceaccording to claim 10, wherein the second verification data comprises amatching data, and the matching data is used to match the second memorycontroller with the second memory device.
 12. The embedded electronicdevice according to claim 7, wherein the stored data comprises a secondboot procedure, and the processor is configured to execute the secondboot procedure after the processor executes the first boot procedure.13. The embedded electronic device according to claim 7, wherein thefirst memory device is a read-only memory (ROM) device, and the secondmemory device is a flash memory device.
 14. A boot method adapted for anembedded electronic device, wherein the embedded electronic devicecomprises: a processor; a first memory device configured to store afirst boot procedure; a plurality of memory controllers comprising afirst memory controller and a second memory controller; and a secondmemory device connected to the memory controllers; wherein the bootmethod comprises: executing following steps by the processor based onthe first boot procedure: (a) verifying whether the second memory devicesafely corresponds to the first memory controller; (b) in response tothat the second memory device safely corresponds to the first memorycontroller, deciphering and verifying stored data of the second memorydevice through the first memory controller; and (c) in response to thatthe second memory device does not safely correspond to the first memorycontroller, verifying whether the second memory device safelycorresponds to the second memory controller.
 15. The boot methodaccording to claim 14, wherein the step (a) comprises: reading a firstverification data in a storage space of a first bus addresscorresponding to the first memory controller; in response to that thefirst verification data is a preset data, confirming that the secondmemory device safely corresponds to the first memory controller; and inresponse to that the first verification data is not the preset data,confirming that the second memory device does not safely correspond tothe first memory controller.
 16. The boot method according to claim 15,wherein the step (c) comprises: reading a second verification data in astorage space of a second bus address corresponding to the second memorycontroller and comparing the second verification data with the presetdata; in response to that the second verification data is the presetdata, confirming that the second memory device safely corresponds to thesecond memory controller; and in response to that the secondverification data is not the preset data, confirming that the secondmemory device does not safely correspond to the second memorycontroller.
 17. The boot method according to claim 16, wherein the firstverification data comprises a first matching data, the secondverification data comprises a second matching data, the first matchingdata is used to match the first memory controller with the second memorydevice, and the second matching data is used to match the second memorycontroller with the second memory device.
 18. The boot method accordingto claim 14, wherein the stored data comprises a second boot procedure,and the processor executes the second boot procedure after the processorexecutes the first boot procedure.